{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-23T17:06:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"}, {"tags": ["x_refsource_MISC"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"}, {"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"}, {"name": "openSUSE-SU-2019:2675", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"}, {"name": "USN-4227-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4227-1/"}, {"name": "USN-4226-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4226-1/"}, {"name": "USN-4225-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4225-1/"}, {"name": "USN-4227-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4227-2/"}, {"name": "USN-4225-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4225-2/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-19529", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"}, {"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"}, {"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"}, {"name": "openSUSE-SU-2019:2675", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"}, {"name": "USN-4227-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4227-1/"}, {"name": "USN-4226-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4226-1/"}, {"name": "USN-4225-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4225-1/"}, {"name": "USN-4227-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4227-2/"}, {"name": "USN-4225-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4225-2/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T02:16:48.168Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"}, {"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"}, {"name": "openSUSE-SU-2019:2675", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"}, {"name": "USN-4227-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4227-1/"}, {"name": "USN-4226-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4226-1/"}, {"name": "USN-4225-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4225-1/"}, {"name": "USN-4227-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4227-2/"}, {"name": "USN-4225-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4225-2/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-19529", "datePublished": "2019-12-03T15:40:58", "dateReserved": "2019-12-03T00:00:00", "dateUpdated": "2024-08-05T02:16:48.168Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFBC7FC6-5284-45A6-AEF0-98EE91D9A0A5", "versionEndExcluding": "5.3.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."}, {"lang": "es", "value": "En el kernel de Linux versiones anteriores a 5.3.11, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/can/usb/mcba_usb.c, tambi\u00e9n se conoce como CID-4d6636498c41."}], "id": "CVE-2019-19529", "lastModified": "2020-08-12T14:17:51.163", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.4, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-03T16:15:13.127", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4225-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4225-2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4226-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4227-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4227-2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: use-after-free bug caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c", "id": "1783515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783515"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.", "A use-after-free flaw was found in the driver for the USB Microchip CAN BUS Analyzer Tool. The CAN BUS analysis hardware is not commonly found on server-grade hardware where the flaw exists while a device is removed (physical access) or a kernel module is unloaded (administrative privileges). An attacker must race the code while the device is being unplugged to take advantage of this flaw."], "mitigation": {"lang": "en:us", "value": "As the mcba_usb odule will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions: \n# echo \"install mcba_usb /bin/true\" >> /etc/modprobe.d/disable-mcba_usb.conf \nThe system will need to be restarted in the unlikely case that the modules are loaded. In most circumstances, the kernel modules will be unable to be unloaded with rmmod while any device has the software in use. \nIf the system requires this module to work correctly, this mitigation may not be suitable, alternative USB can analysers will not suffer this same flaw.\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services."}, "name": "CVE-2019-19529", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2019-11-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-19529\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-19529"], "threat_severity": "Moderate"}